ppfun/pixelplanet
13
Fork 18
Code Issues 24 Pull Requests Releases 2 Activity

refactor 3ptid passport strategies

Browse Source
This commit is contained in:
HF 2022-06-21 10:19:33 +02:00
parent 0078626d7c
commit 1d9fa2a310
1 changed files with 75 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

175
src/core/passport.js
View File

@ -42,34 +42,30 @@ passport.use(new JsonStrategy({
usernameProp: 'nameoremail', usernameProp: 'nameoremail',
passwordProp: 'password', passwordProp: 'password',
}, async (nameoremail, password, done) => { }, async (nameoremail, password, done) => {
try { // Decide if email or name by the occurance of @
// Decide if email or name by the occurance of @ // this is why we don't allow @ in usernames
// this is why we don't allow @ in usernames // NOTE: could allow @ in the future by making an OR query,
// NOTE: could allow @ in the future by making an OR query, // but i guess nobody really cares.
// but i guess nobody really cares. // https://sequelize.org/master/manual/querying.html
// https://sequelize.org/master/manual/querying.html const query = (nameoremail.indexOf('@') !== -1)
const query = (nameoremail.indexOf('@') !== -1) ? { email: nameoremail }
? { email: nameoremail } : { name: nameoremail };
: { name: nameoremail }; const reguser = await RegUser.findOne({
const reguser = await RegUser.findOne({ include,
include, where: query,
where: query, });
}); if (!reguser) {
if (!reguser) { done(new Error('Name or Email does not exist!'));
done(new Error('Name or Email does not exist!')); return;
return;
}
if (!compareToHash(password, reguser.password)) {
done(new Error('Incorrect password!'));
return;
}
const user = new User();
await user.initialize(reguser.id, null, reguser);
user.updateLogInTimestamp();
done(null, user);
} catch (err) {
done(err);
} }
if (!compareToHash(password, reguser.password)) {
done(new Error('Incorrect password!'));
return;
}
const user = new User();
await user.initialize(reguser.id, null, reguser);
user.updateLogInTimestamp();
done(null, user);
})); }));
/* /*
@ -124,14 +120,10 @@ passport.use(new FacebookStrategy({
proxy: true, proxy: true,
profileFields: ['displayName', 'email'], profileFields: ['displayName', 'email'],
}, async (req, accessToken, refreshToken, profile, done) => { }, async (req, accessToken, refreshToken, profile, done) => {
try { const { displayName: name, emails } = profile;
const { displayName: name, emails } = profile; const email = emails[0].value;
const email = emails[0].value; const user = await oauthLogin(email, name);
const user = await oauthLogin(email, name); done(null, user);
done(null, user);
} catch (err) {
done(err);
}
})); }));
/** /**
@ -142,20 +134,16 @@ passport.use(new DiscordStrategy({
callbackURL: '/api/auth/discord/return', callbackURL: '/api/auth/discord/return',
proxy: true, proxy: true,
}, async (accessToken, refreshToken, profile, done) => { }, async (accessToken, refreshToken, profile, done) => {
try { logger.info({ profile, refreshToken, accessToken });
logger.info({ profile, refreshToken, accessToken }); const { id, email, username: name } = profile;
const { id, email, username: name } = profile; if (!email) {
if (!email) { throw new Error(
done(null, false, { // eslint-disable-next-line max-len
// eslint-disable-next-line max-len 'Sorry, you can not use discord login with an discord account that does not have email set.',
message: 'Sorry, you can not use discord login with an discord account that does not have email set.', );
});
}
const user = await oauthLogin(email, name, id);
done(null, user);
} catch (err) {
done(err);
} }
const user = await oauthLogin(email, name, id);
done(null, user);
})); }));
/** /**
@ -166,14 +154,10 @@ passport.use(new GoogleStrategy({
callbackURL: '/api/auth/google/return', callbackURL: '/api/auth/google/return',
proxy: true, proxy: true,
}, async (accessToken, refreshToken, profile, done) => { }, async (accessToken, refreshToken, profile, done) => {
try { const { displayName: name, emails } = profile;
const { displayName: name, emails } = profile; const email = emails[0].value;
const email = emails[0].value; const user = await oauthLogin(email, name);
const user = await oauthLogin(email, name); done(null, user);
done(null, user);
} catch (err) {
done(err);
}
})); }));
/* /*
@ -184,43 +168,39 @@ passport.use(new RedditStrategy({
callbackURL: '/api/auth/reddit/return', callbackURL: '/api/auth/reddit/return',
proxy: true, proxy: true,
}, async (accessToken, refreshToken, profile, done) => { }, async (accessToken, refreshToken, profile, done) => {
try { logger.info({ profile, refreshToken, accessToken });
logger.info({ profile, refreshToken, accessToken }); const redditid = profile.id;
const redditid = profile.id; let name = sanitizeName(profile.name);
let name = sanitizeName(profile.name); // reddit needs an own login strategy based on its id,
// reddit needs an own login strategy based on its id, // because we can not access it's mail
// because we can not access it's mail let reguser = await RegUser.findOne({
let reguser = await RegUser.findOne({ include,
where: { redditid },
});
if (!reguser) {
reguser = await RegUser.findOne({
include, include,
where: { redditid }, where: { name },
}); });
if (!reguser) { while (reguser) {
// name is taken by someone else
// eslint-disable-next-line max-len
name = `${name.substring(0, 15)}-${Math.random().toString(36).substring(2, 10)}`;
// eslint-disable-next-line no-await-in-loop
reguser = await RegUser.findOne({ reguser = await RegUser.findOne({
include, include,
where: { name }, where: { name },
}); });
while (reguser) {
// name is taken by someone else
// eslint-disable-next-line max-len
name = `${name.substring(0, 15)}-${Math.random().toString(36).substring(2, 10)}`;
// eslint-disable-next-line no-await-in-loop
reguser = await RegUser.findOne({
include,
where: { name },
});
}
reguser = await RegUser.create({
name,
verified: 1,
redditid,
});
} }
const user = new User(); reguser = await RegUser.create({
await user.initialize(reguser.id, null, reguser); name,
done(null, user); verified: 1,
} catch (err) { redditid,
done(err); });
} }
const user = new User();
await user.initialize(reguser.id, null, reguser);
done(null, user);
})); }));
/** /**
@ -233,22 +213,17 @@ passport.use(new VkontakteStrategy({
scope: ['email'], scope: ['email'],
profileFields: ['displayName', 'email'], profileFields: ['displayName', 'email'],
}, async (accessToken, refreshToken, params, profile, done) => { }, async (accessToken, refreshToken, params, profile, done) => {
try { logger.info(profile);
logger.info(profile); const { displayName: name } = profile;
const { displayName: name } = profile; const { email } = params;
const { email } = params; if (!email) {
if (!email) { throw new Error(
done(null, false, { // eslint-disable-next-line max-len
// eslint-disable-next-line max-len 'Sorry, you can not use vk login with an account that does not have a verified email set.',
message: 'Sorry, you can not use vk login with an account that does not have a verified email set.', );
});
return;
}
const user = await oauthLogin(email, name);
done(null, user);
} catch (err) {
done(err);
} }
const user = await oauthLogin(email, name);
done(null, user);
})); }));